From 1fbc0768823c3001fba9322423bc52f13703cc43 Mon Sep 17 00:00:00 2001 From: Vaibhav Date: Wed, 13 Feb 2019 17:14:36 -0500 Subject: [PATCH 01/17] Update Argo Events chart (#35) --- charts/.DS_Store | Bin 0 -> 6148 bytes charts/argo-events/Chart.yaml | 9 +- charts/argo-events/README.md | 14 ++- charts/argo-events/templates/_helpers.tpl | 21 ---- charts/argo-events/templates/_sensor-crd.tpl | 20 ---- .../templates/apply-sensor-crd-job.yaml | 19 ---- .../templates/argo-events-cluster-roles.yaml | 94 ++++++++++++++++++ .../argo-events/templates/argo-events-sa.yaml | 7 ++ .../gateway-controller-configmap.yaml | 12 +++ .../gateway-controller-deployment.yaml | 33 ++++++ charts/argo-events/templates/gateway-crd.yaml | 14 +++ .../sensor-controller-clusterrole.yaml | 15 --- .../sensor-controller-configmap.yaml | 8 +- .../templates/sensor-controller-crb.yaml | 12 --- .../sensor-controller-deployment.yaml | 18 ++-- .../templates/sensor-controller-sa.yaml | 4 - charts/argo-events/templates/sensor-crd.yaml | 14 +++ .../templates/signals-clusterrole.yaml | 11 -- charts/argo-events/templates/signals-crb.yaml | 12 --- charts/argo-events/templates/signals-sa.yaml | 4 - charts/argo-events/values.yaml | 32 +++--- 21 files changed, 210 insertions(+), 163 deletions(-) create mode 100644 charts/.DS_Store delete mode 100644 charts/argo-events/templates/_sensor-crd.tpl delete mode 100644 charts/argo-events/templates/apply-sensor-crd-job.yaml create mode 100644 charts/argo-events/templates/argo-events-cluster-roles.yaml create mode 100644 charts/argo-events/templates/argo-events-sa.yaml create mode 100644 charts/argo-events/templates/gateway-controller-configmap.yaml create mode 100644 charts/argo-events/templates/gateway-controller-deployment.yaml create mode 100644 charts/argo-events/templates/gateway-crd.yaml delete mode 100644 charts/argo-events/templates/sensor-controller-clusterrole.yaml delete mode 100644 charts/argo-events/templates/sensor-controller-crb.yaml delete mode 100644 charts/argo-events/templates/sensor-controller-sa.yaml create mode 100644 charts/argo-events/templates/sensor-crd.yaml delete mode 100644 charts/argo-events/templates/signals-clusterrole.yaml delete mode 100644 charts/argo-events/templates/signals-crb.yaml delete mode 100644 charts/argo-events/templates/signals-sa.yaml diff --git a/charts/.DS_Store b/charts/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..beead66a02843c49bfcbb920658416449832a8c2 GIT binary patch literal 6148 zcmeHKu}TC{3`}&v1Dh)?x3saawpos|u=WS^P7vW>L9pM>Z}BVdW|EwE`>?f;2_&=c zCG(b@V)J5VzWR8%HCvk50#39~hSr#;H+EJ#MCTa~yK%eOjT@}vz=qLoklWd_z1ype zGyWZN*ZZ&_UL5P}#^-wq^A_McJ0+Z@BVt7pso^<4gs-F^*ZXR#OIrV0* z3B_yh@IK1TheSmwAO%hpIM3yh{r?{R%lv;z(n<UusSKNL=hLC1d3fw~A#7nv0J3k42B%q8&v literal 0 HcmV?d00001 diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d32cb2be..8c05a032 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,15 +1,14 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.2.0 +version: 0.3.0 keywords: - argo-events - sensor-controller +- gateway-controller sources: - https://github.com/argoproj/argo-events maintainers: -- name: Matt Magaldi - email: mmagaldi@blackrock.com - name: Vaibhav Page - email: vpage@blackrock.com -appVersion: 0.1.0 +- name: Matt Magaldi +appVersion: 0.7.0 diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index e08cf4ba..d09f9e8a 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -1,13 +1,11 @@ # Argo-Events Helm Chart This helm chart installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: - Sensor Custom Resource Definition +- Gateway Custom Resource Definition - Sensor Controller Deployment - Sensor Controller ConfigMap -- Sensor Controller Service Account -- Sensor Controller Cluster Roles -- Sensor Controller Cluster Role Bindings - - -Note: the associated `argo-events` cluster role and cluster role bindings can be found in the [roles](https://blade-git.blackrock.com/cloud-native/roles) repository. The purpose that these aren't included in this Helm chart is that we do not have the required permissions to create these resources in the Kubernetes clusters. Reach out to `+Group Kubernetes Support` for help in setting up these roles. - -## Chart Values +- Gateway Controller Deployment +- Gateway Controller ConfigMap +- Service Account +- Cluster Roles +- Cluster Role Bindings diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index 55c1142c..f0d83d2e 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -14,24 +14,3 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- $name := default .Chart.Name .Values.nameOverride -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} - -{{- define "sensor-crd-json" }} -{ - "apiVersion": "apiextensions.k8s.io/v1beta1", - "kind": "CustomResourceDefinition", - "metadata": { - "name": "sensors.argoproj.io" - }, - "spec": { - "group": "argoproj.io", - "names": { - "kind": "Sensor", - "listKind": "SensorList", - "plural": "sensors", - "singular": "sensor" - }, - "scope": "Namespaced", - "version": "v1alpha1" - } -} -{{- end}} diff --git a/charts/argo-events/templates/_sensor-crd.tpl b/charts/argo-events/templates/_sensor-crd.tpl deleted file mode 100644 index 48fb2ab5..00000000 --- a/charts/argo-events/templates/_sensor-crd.tpl +++ /dev/null @@ -1,20 +0,0 @@ -{{- define "sensor-crd-json" }} -{ - "apiVersion": "apiextensions.k8s.io/{{ .Values.crd.version }}", - "kind": "CustomResourceDefinition", - "metadata": { - "name": "sensors.argoproj.io" - }, - "spec": { - "group": "argoproj.io", - "names": { - "kind": "Sensor", - "listKind": "SensorList", - "plural": "sensors", - "singular": "sensor" - }, - "scope": "Namespaced", - "version": "v1alpha1" - } -} -{{- end}} diff --git a/charts/argo-events/templates/apply-sensor-crd-job.yaml b/charts/argo-events/templates/apply-sensor-crd-job.yaml deleted file mode 100644 index 8360d0fd..00000000 --- a/charts/argo-events/templates/apply-sensor-crd-job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ .Release.Name }}-apply-sensor-crd - annotations: - helm.sh/hook: pre-install - helm.sh/hook-delete-policy: hook-succeeded -spec: - backoffLimit: 5 - activeDeadlineSeconds: 100 - template: - spec: - serviceAccountName: {{ .Values.crd.jobServiceAccount }} - containers: - - name: kubectl-apply - image: lachlanevenson/k8s-kubectl - command: ["/bin/sh"] - args: ["-c", 'echo ''{{- include "sensor-crd-json" .}}'' | kubectl apply -f -'] - restartPolicy: Never diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml new file mode 100644 index 00000000..4d7e9db4 --- /dev/null +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -0,0 +1,94 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argo-events-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-events-role +subjects: + - kind: ServiceAccount + name: argo-events-sa + namespace: argo-events +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argo-events-role +rules: + - apiGroups: + - apiextensions.k8s.io + - apiextensions.k8s.io/v1beta1 + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + resources: + - customresourcedefinitions + - apiGroups: + - argoproj.io + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + resources: + - workflows + - workflows/finalizers + - gateways + - gateways/finalizers + - sensors + - sensors/finalizers + - apiGroups: + - "" + resources: + - pods + - pods/exec + - configmaps + - secrets + - services + - events + - persistentvolumeclaims + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "batch" + resources: + - jobs + verbs: + - create + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - "apps/v1" + - "apps/v1beta2" + - "apps/v1beta1" + resources: + - deployments + verbs: + - create + - get + - list + - watch + - update + - patch + - delete diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml new file mode 100644 index 00000000..2d0f9de5 --- /dev/null +++ b/charts/argo-events/templates/argo-events-sa.yaml @@ -0,0 +1,7 @@ +# All argo-events services are bound to the "argo-events" service account. +# In RBAC enabled setups, this SA is bound to specific roles. +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argo-events-sa + namespace: argo-events diff --git a/charts/argo-events/templates/gateway-controller-configmap.yaml b/charts/argo-events/templates/gateway-controller-configmap.yaml new file mode 100644 index 00000000..1f0a0fd7 --- /dev/null +++ b/charts/argo-events/templates/gateway-controller-configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap + labels: + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config: | + instanceID: {{ .Values.instanceID }} + namespace: {{ .Values.namespace }} diff --git a/charts/argo-events/templates/gateway-controller-deployment.yaml b/charts/argo-events/templates/gateway-controller-deployment.yaml new file mode 100644 index 00000000..7c699639 --- /dev/null +++ b/charts/argo-events/templates/gateway-controller-deployment.yaml @@ -0,0 +1,33 @@ +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-{{ .Values.gatewayController.name }} + labels: + app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.gatewayController.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }}-{{ .Values.gatewayController.name }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + containers: + - name: {{ .Values.gatewayController.name }} + image: "{{ .Values.registry }}/{{ .Values.gatewayController.image }}:{{ .Values.gatewayController.tag }}" + imagePullPolicy: {{ .Values.imagePullPolicy }} + env: + - name: GATEWAY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: GATEWAY_CONTROLLER_CONFIG_MAP + value: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap diff --git a/charts/argo-events/templates/gateway-crd.yaml b/charts/argo-events/templates/gateway-crd.yaml new file mode 100644 index 00000000..6cab34ba --- /dev/null +++ b/charts/argo-events/templates/gateway-crd.yaml @@ -0,0 +1,14 @@ +# Define a "gateway" custom resource definition +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: gateways.argoproj.io +spec: + group: argoproj.io + names: + kind: Gateway + listKind: GatewayList + plural: gateways + singular: gateway + scope: Namespaced + version: v1alpha1 diff --git a/charts/argo-events/templates/sensor-controller-clusterrole.yaml b/charts/argo-events/templates/sensor-controller-clusterrole.yaml deleted file mode 100644 index a1d53e8d..00000000 --- a/charts/argo-events/templates/sensor-controller-clusterrole.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Release.name }}-{{ .Values.controller.name}}-cluster-role -rules: -- apiGroups: ["argoproj.io"] - resources: ["sensors"] - verbs: ["get", "list", "watch", "update", "patch"] -# The following rules define what the triggers can do -- apiGroups: ["argoproj.io"] - resources: ["workflows"] - verbs: ["create", "delete"] -- apiGroups: [""] - resources: ["configmaps", "secrets", "pods"] - verbs: ["get", "watch", "list", "patch"] diff --git a/charts/argo-events/templates/sensor-controller-configmap.yaml b/charts/argo-events/templates/sensor-controller-configmap.yaml index c3dc4661..abd1c8b9 100644 --- a/charts/argo-events/templates/sensor-controller-configmap.yaml +++ b/charts/argo-events/templates/sensor-controller-configmap.yaml @@ -1,16 +1,12 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap + name: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap labels: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: config: | - namespace: {{ .Release.Namespace }} - {{- if .Values.useReleaseAsInstanceID }} - instanceID: {{ .Release.Name }} - {{- else }} instanceID: {{ .Values.instanceID }} - {{- end }} + namespace: {{ .Values.namespace }} \ No newline at end of file diff --git a/charts/argo-events/templates/sensor-controller-crb.yaml b/charts/argo-events/templates/sensor-controller-crb.yaml deleted file mode 100644 index b7d54544..00000000 --- a/charts/argo-events/templates/sensor-controller-crb.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ .Release.name }}-{{ .Values.controller.name}}-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Release.name }}-{{ .Values.controller.name}}-cluster-role -subjects: -- kind: ServiceAccount - name: {{ .Values.controller.serviceAccount }} - namespace: {{ .Release.Namespace }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index a53780f5..48ae0f56 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -1,28 +1,28 @@ apiVersion: apps/v1beta1 kind: Deployment metadata: - name: {{ .Release.Name }}-{{ .Values.controller.name }} + name: {{ .Release.Name }}-{{ .Values.sensorController.name }} labels: - app: {{ .Release.Name }}-{{ .Values.controller.name }} + app: {{ .Release.Name }}-{{ .Values.sensorController.name }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - replicas: {{ .Values.controller.replicaCount }} + replicas: {{ .Values.sensorController.replicaCount }} selector: matchLabels: - app: {{ .Release.Name }}-{{ .Values.controller.name }} + app: {{ .Release.Name }}-{{ .Values.sensorController.name }} release: {{ .Release.Name }} template: metadata: labels: - app: {{ .Release.Name }}-{{ .Values.controller.name }} + app: {{ .Release.Name }}-{{ .Values.sensorController.name }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ .Values.controller.serviceAccount }} + serviceAccountName: {{ .Values.serviceAccount }} containers: - - name: {{ .Values.controller.name }} - image: "{{ .Values.registry }}/{{ .Values.controller.image }}:{{ .Values.controller.tag }}" + - name: {{ .Values.sensorController.name }} + image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}" imagePullPolicy: {{ .Values.imagePullPolicy }} env: - name: SENSOR_NAMESPACE @@ -30,4 +30,4 @@ spec: fieldRef: fieldPath: metadata.namespace - name: SENSOR_CONFIG_MAP - value: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap + value: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap diff --git a/charts/argo-events/templates/sensor-controller-sa.yaml b/charts/argo-events/templates/sensor-controller-sa.yaml deleted file mode 100644 index af3ef519..00000000 --- a/charts/argo-events/templates/sensor-controller-sa.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.controller.serviceAccount }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml new file mode 100644 index 00000000..5b50b240 --- /dev/null +++ b/charts/argo-events/templates/sensor-crd.yaml @@ -0,0 +1,14 @@ +# Define a "sensor" custom resource definition +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sensors.argoproj.io +spec: + group: argoproj.io + names: + kind: Sensor + listKind: SensorList + plural: sensors + singular: sensor + scope: Namespaced + version: v1alpha1 diff --git a/charts/argo-events/templates/signals-clusterrole.yaml b/charts/argo-events/templates/signals-clusterrole.yaml deleted file mode 100644 index dfec0e27..00000000 --- a/charts/argo-events/templates/signals-clusterrole.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ .Release.name }}-signals-cluster-role -rules: -- apiGroups: [""] - resources: ["pods"] - verbs: ["watch", "list", "patch"] -- apiGroups: {{ .Values.signals.listenRoles.apiGroups }} - resources: {{ .Values.signals.listenRoles.resources }} - verbs: ["get", "list", "watch"] \ No newline at end of file diff --git a/charts/argo-events/templates/signals-crb.yaml b/charts/argo-events/templates/signals-crb.yaml deleted file mode 100644 index 3a265e5b..00000000 --- a/charts/argo-events/templates/signals-crb.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ .Release.name }}-signals-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Release.name }}-signals-cluster-role -subjects: -- kind: ServiceAccount - name: {{ .Values.signals.serviceAccount }} - namespace: {{ .Release.Namespace }} diff --git a/charts/argo-events/templates/signals-sa.yaml b/charts/argo-events/templates/signals-sa.yaml deleted file mode 100644 index 9baaa73b..00000000 --- a/charts/argo-events/templates/signals-sa.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.signals.serviceAccount }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index c68ca7cc..09579cb3 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -1,27 +1,25 @@ +# docker registry registry: argoproj + +# The image pull policy imagePullPolicy: Always -# Version of the Sensor CRD -crd: - version: v1beta1 - jobServiceAccount: default +# ServiceAccount to use for running controller. +serviceAccount: argo-events-sa -# If set to true then chart set controller instance id to release name -useReleaseAsInstanceID: true -instanceID: 1 +instanceID: argo-events -# controller -controller: +namespace: argo-events + +# sensor controller +sensorController: name: sensor-controller image: sensor-controller tag: latest replicaCount: 1 - serviceAccount: argo-events -# signal microservices -signals: - serviceAccount: argo-signals - # this controls what the resource signal pod can listen to - listenRoles: - apiGroups: ["argoproj.io", ""] - resources: ["sensors", "workflows", "pods"] +gatewayController: + name: gateway-controller + image: gateway-controller + tag: latest + replicaCount: 1 From db30d36879d9122714291ad4f161be9a986fde27 Mon Sep 17 00:00:00 2001 From: Liviu Costea Date: Thu, 14 Feb 2019 00:22:11 +0200 Subject: [PATCH 02/17] Helm chart for ArgoCD (#34) * Add application controller resources First chart version for argo-cd added the new labels recommeneded for k8 * Add repo server resources Use legacy label and new one for application controller selectors Set labels for deployment for easier discovery * Configure git repositories, helm chart museums and dex connectors This way argo-cd could be configured to update itself via helm * Parameterize the rbac configmap * Parameterize webhook secrets * Parameterize server deployment and set services with the labels * Add service account, role and rolebinding for server deployment * Clean the old label, use only latest recommendations Follow the ideas and changes of https://github.com/argoproj/argo-cd/pull/1035 * Fix var naming issues * Fix server service incorrect ports * Install crds with helm hook * Enable cluster admin accessby default Default installation will allow installing apps in the current cluster without inputted credentials. For other clusters inputted credentials will be needed * Parameterize the dex server * Harcode resource names because code expects them this way Some resource names and application urls are hardcoded in code with these names. So they can't be parameterized. * Create the ingress with tls passthrough support Tls is terminated on the ArgoCD server, not on ingress * Fix typo on application controller sa * Add notes on how to connect to server UI after installation --- .gitignore | 1 + charts/argo-cd/.helmignore | 21 +++ charts/argo-cd/Chart.yaml | 5 + charts/argo-cd/templates/NOTES.txt | 13 ++ charts/argo-cd/templates/_helpers.tpl | 32 +++++ ...cd-application-controller-clusterrole.yaml | 24 ++++ ...ication-controller-clusterrolebinding.yaml | 21 +++ ...ocd-application-controller-deployment.yaml | 43 ++++++ .../argocd-application-controller-role.yaml | 42 ++++++ ...cd-application-controller-rolebinding.yaml | 18 +++ .../argocd-application-controller-sa.yaml | 11 ++ ...argocd-application-controller-service.yaml | 17 +++ charts/argo-cd/templates/argocd-cm.yaml | 23 ++++ .../argocd-dex-server-deployment.yaml | 48 +++++++ .../templates/argocd-dex-server-role.yaml | 21 +++ .../argocd-dex-server-rolebinding.yaml | 18 +++ .../templates/argocd-dex-server-sa.yaml | 11 ++ .../templates/argocd-dex-server-service.yaml | 23 ++++ .../templates/argocd-metrics-service.yaml | 20 +++ charts/argo-cd/templates/argocd-rbac-cm.yaml | 18 +++ .../argocd-repo-server-deployment.yaml | 38 ++++++ .../templates/argocd-repo-server-service.yaml | 17 +++ charts/argo-cd/templates/argocd-secret.yaml | 21 +++ .../templates/argocd-server-deployment.yaml | 53 ++++++++ .../templates/argocd-server-ingress.yaml | 29 ++++ .../argo-cd/templates/argocd-server-role.yaml | 45 ++++++ .../templates/argocd-server-rolebinding.yaml | 19 +++ .../argo-cd/templates/argocd-server-sa.yaml | 11 ++ .../templates/argocd-server-service.yaml | 24 ++++ .../templates/crds/application-crd.yaml | 22 +++ .../templates/crds/appproject-crd.yaml | 22 +++ charts/argo-cd/values.yaml | 128 ++++++++++++++++++ 32 files changed, 859 insertions(+) create mode 100644 charts/argo-cd/.helmignore create mode 100644 charts/argo-cd/Chart.yaml create mode 100644 charts/argo-cd/templates/NOTES.txt create mode 100644 charts/argo-cd/templates/_helpers.tpl create mode 100644 charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml create mode 100644 charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml create mode 100755 charts/argo-cd/templates/argocd-application-controller-deployment.yaml create mode 100755 charts/argo-cd/templates/argocd-application-controller-role.yaml create mode 100755 charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml create mode 100755 charts/argo-cd/templates/argocd-application-controller-sa.yaml create mode 100755 charts/argo-cd/templates/argocd-application-controller-service.yaml create mode 100755 charts/argo-cd/templates/argocd-cm.yaml create mode 100644 charts/argo-cd/templates/argocd-dex-server-deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-dex-server-role.yaml create mode 100644 charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-dex-server-sa.yaml create mode 100644 charts/argo-cd/templates/argocd-dex-server-service.yaml create mode 100755 charts/argo-cd/templates/argocd-metrics-service.yaml create mode 100755 charts/argo-cd/templates/argocd-rbac-cm.yaml create mode 100755 charts/argo-cd/templates/argocd-repo-server-deployment.yaml create mode 100755 charts/argo-cd/templates/argocd-repo-server-service.yaml create mode 100755 charts/argo-cd/templates/argocd-secret.yaml create mode 100755 charts/argo-cd/templates/argocd-server-deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-server-ingress.yaml create mode 100755 charts/argo-cd/templates/argocd-server-role.yaml create mode 100755 charts/argo-cd/templates/argocd-server-rolebinding.yaml create mode 100755 charts/argo-cd/templates/argocd-server-sa.yaml create mode 100755 charts/argo-cd/templates/argocd-server-service.yaml create mode 100644 charts/argo-cd/templates/crds/application-crd.yaml create mode 100644 charts/argo-cd/templates/crds/appproject-crd.yaml create mode 100644 charts/argo-cd/values.yaml diff --git a/.gitignore b/.gitignore index 9385855f..468b8f5a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ output .vscode +.DS_Store \ No newline at end of file diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/charts/argo-cd/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml new file mode 100644 index 00000000..a6e2c5fa --- /dev/null +++ b/charts/argo-cd/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "0.11" +description: A Helm chart for Argo-CD +name: argo-cd +version: 0.1.0 diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt new file mode 100644 index 00000000..ecd1f64b --- /dev/null +++ b/charts/argo-cd/templates/NOTES.txt @@ -0,0 +1,13 @@ +In order to access the server UI you have the following options: + +1. kubectl port-forward svc/argocd-server -n argocd 8080:443 + + and then open the browser on http://localhost:8080 and accept the certificate + +2. enable ingress and check the first option ssl passthrough: + https://github.com/argoproj/argo-cd/blob/master/docs/ingress.md#option-1-ssl-passthrough + +After reaching the UI the first time you can login with username: admin and the password will be the +name of the server pod. You can get the pod name by running: + +kubectl get pods -n argocd -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl new file mode 100644 index 00000000..bd65c45c --- /dev/null +++ b/charts/argo-cd/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "argo-cd.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argo-cd.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argo-cd.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml new file mode 100644 index 00000000..83a31835 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-clusterrole.yaml @@ -0,0 +1,24 @@ +{{- if .Values.clusterAdminAccess.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml new file mode 100644 index 00000000..114b6572 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-clusterrolebinding.yaml @@ -0,0 +1,21 @@ +{{- if .Values.clusterAdminAccess.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-application-controller +subjects: +- kind: ServiceAccount + name: argocd-application-controller + namespace: {{ .Release.Namespace }} +{{- end -}} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller-deployment.yaml b/charts/argo-cd/templates/argocd-application-controller-deployment.yaml new file mode 100755 index 00000000..31dd0a0b --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-deployment.yaml @@ -0,0 +1,43 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller + spec: + containers: + - command: + - argocd-application-controller + - --status-processors + - "20" + - --operation-processors + - "10" + image: {{ .Values.applicationController.image.repository }}:{{ .Values.applicationController.image.tag }} + imagePullPolicy: {{ .Values.applicationController.image.pullPolicy }} + name: argocd-application-controller + ports: + - containerPort: {{ .Values.applicationController.containerPort }} + readinessProbe: + tcpSocket: + port: {{ .Values.applicationController.containerPort }} + initialDelaySeconds: 5 + periodSeconds: 10 + serviceAccountName: argocd-application-controller diff --git a/charts/argo-cd/templates/argocd-application-controller-role.yaml b/charts/argo-cd/templates/argocd-application-controller-role.yaml new file mode 100755 index 00000000..e6418a4f --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-role.yaml @@ -0,0 +1,42 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list + diff --git a/charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml new file mode 100755 index 00000000..530475ec --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-rolebinding.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-application-controller +subjects: +- kind: ServiceAccount + name: argocd-application-controller diff --git a/charts/argo-cd/templates/argocd-application-controller-sa.yaml b/charts/argo-cd/templates/argocd-application-controller-sa.yaml new file mode 100755 index 00000000..bd1890b7 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-sa.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller diff --git a/charts/argo-cd/templates/argocd-application-controller-service.yaml b/charts/argo-cd/templates/argocd-application-controller-service.yaml new file mode 100755 index 00000000..76b8b701 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: application-controller +spec: + ports: + - port: {{ .Values.applicationController.servicePort }} + targetPort: {{ .Values.applicationController.containerPort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller diff --git a/charts/argo-cd/templates/argocd-cm.yaml b/charts/argo-cd/templates/argocd-cm.yaml new file mode 100755 index 00000000..79045e90 --- /dev/null +++ b/charts/argo-cd/templates/argocd-cm.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cm + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +data: +{{- if .Values.config.helmRepositories }} + helm.repositories: | +{{ toYaml .Values.config.helmRepositories | indent 4 }} +{{- end }} +{{- if .Values.config.repositories }} + repositories: | +{{ toYaml .Values.config.repositories | indent 4 }} +{{- end }} +{{- if .Values.config.dexConfig }} + dex.config: | +{{ toYaml .Values.config.dexConfig | indent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-deployment.yaml b/charts/argo-cd/templates/argocd-dex-server-deployment.yaml new file mode 100644 index 00000000..8d7bc1c1 --- /dev/null +++ b/charts/argo-cd/templates/argocd-dex-server-deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: dex-server +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: dex-server + spec: + serviceAccountName: argocd-dex-server + initContainers: + - name: copyutil + image: {{ .Values.dexServer.initImage.repository }}:{{ .Values.dexServer.initImage.tag }} + imagePullPolicy: {{ .Values.dexServer.initImage.pullPolicy }} + command: [cp, /usr/local/bin/argocd-util, /shared] + volumeMounts: + - mountPath: /shared + name: static-files + containers: + - name: dex + image: {{ .Values.dexServer.image.repository }}:{{ .Values.dexServer.image.tag }} + imagePullPolicy: {{ .Values.dexServer.image.pullPolicy }} + command: [/shared/argocd-util, rundex] + ports: + - containerPort: {{ .Values.dexServer.containerPortHttp }} + - containerPort: {{ .Values.dexServer.containerPortGrpc }} + volumeMounts: + - mountPath: /shared + name: static-files + volumes: + - emptyDir: {} + name: static-files \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-role.yaml b/charts/argo-cd/templates/argocd-dex-server-role.yaml new file mode 100644 index 00000000..16076248 --- /dev/null +++ b/charts/argo-cd/templates/argocd-dex-server-role.yaml @@ -0,0 +1,21 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: dex-server +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml b/charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml new file mode 100644 index 00000000..1db56ffe --- /dev/null +++ b/charts/argo-cd/templates/argocd-dex-server-rolebinding.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: dex-server +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-dex-server +subjects: +- kind: ServiceAccount + name: argocd-dex-server \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-sa.yaml b/charts/argo-cd/templates/argocd-dex-server-sa.yaml new file mode 100644 index 00000000..9fa6a3bd --- /dev/null +++ b/charts/argo-cd/templates/argocd-dex-server-sa.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: dex-server \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-dex-server-service.yaml b/charts/argo-cd/templates/argocd-dex-server-service.yaml new file mode 100644 index 00000000..87402f40 --- /dev/null +++ b/charts/argo-cd/templates/argocd-dex-server-service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: dex-server +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.dexServer.servicePortHttp }} + targetPort: {{ .Values.dexServer.containerPortHttp }} + - name: grpc + protocol: TCP + port: {{ .Values.dexServer.servicePortGrpc }} + targetPort: {{ .Values.dexServer.containerPortGrpc }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-metrics-service.yaml b/charts/argo-cd/templates/argocd-metrics-service.yaml new file mode 100755 index 00000000..f3a7b4f2 --- /dev/null +++ b/charts/argo-cd/templates/argocd-metrics-service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server + name: argocd-metrics +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.server.serviceMetricsPort }} + targetPort: {{ .Values.server.containerMetricsPort }} + selector: + app: {{ include "argo-cd.name" . }}-server + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server diff --git a/charts/argo-cd/templates/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-rbac-cm.yaml new file mode 100755 index 00000000..fb688d03 --- /dev/null +++ b/charts/argo-cd/templates/argocd-rbac-cm.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-rbac-cm + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +data: +{{- if .Values.rbac.policyDefault }} + policy.default: {{ .Values.rbac.policyDefault }} +{{- end }} +{{- if .Values.rbac.policyCsv }} + policy.csv: +{{- toYaml .Values.rbac.policyCsv | indent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server-deployment.yaml b/charts/argo-cd/templates/argocd-repo-server-deployment.yaml new file mode 100755 index 00000000..66229263 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server-deployment.yaml @@ -0,0 +1,38 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-repo-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: repo-server +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: repo-server + spec: + automountServiceAccountToken: false + containers: + - name: argocd-repo-server + image: {{ .Values.repoServer.image.repository }}:{{ .Values.repoServer.image.tag }} + imagePullPolicy: {{ .Values.repoServer.image.pullPolicy}} + command: [argocd-repo-server] + ports: + - containerPort: {{ .Values.repoServer.containerPort }} + readinessProbe: + tcpSocket: + port: {{ .Values.repoServer.containerPort }} + initialDelaySeconds: 5 + periodSeconds: 10 diff --git a/charts/argo-cd/templates/argocd-repo-server-service.yaml b/charts/argo-cd/templates/argocd-repo-server-service.yaml new file mode 100755 index 00000000..68b80200 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: argocd-repo-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: repo-server +spec: + ports: + - port: {{ .Values.repoServer.servicePort }} + targetPort: {{ .Values.repoServer.servicePort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server diff --git a/charts/argo-cd/templates/argocd-secret.yaml b/charts/argo-cd/templates/argocd-secret.yaml new file mode 100755 index 00000000..c693d079 --- /dev/null +++ b/charts/argo-cd/templates/argocd-secret.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +type: Opaque +data: +{{- if .Values.config.webhook.githubSecret }} + github.webhook.secret: {{ .Values.config.webhook.githubSecret }} +{{- end }} +{{- if .Values.config.webhook.gitlabSecret }} + gitlab.webhook.secret: {{ .Values.config.webhook.gitlabSecret }} +{{- end }} +{{- if .Values.config.webhook.bitbucketSecret }} + bitbucket.webhook.uuid: {{ .Values.config.webhook.bitbucketSecret }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server-deployment.yaml b/charts/argo-cd/templates/argocd-server-deployment.yaml new file mode 100755 index 00000000..0a3bb3dc --- /dev/null +++ b/charts/argo-cd/templates/argocd-server-deployment.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server + spec: + serviceAccountName: argocd-server + initContainers: + - name: ui + image: {{ .Values.server.uiInitImage.repository }}:{{ .Values.server.uiInitImage.tag }} + imagePullPolicy: {{ .Values.server.uiInitImage.pullPolicy }} + command: [cp, -r, /app, /shared] + volumeMounts: + - mountPath: /shared + name: static-files + containers: + - name: argocd-server + image: {{ .Values.server.image.repository }}:{{ .Values.server.image.tag }} + imagePullPolicy: {{ .Values.server.image.pullPolicy }} + command: [argocd-server, --staticassets, /shared/app] + volumeMounts: + - mountPath: /shared + name: static-files + ports: + - containerPort: {{ .Values.server.containerPort }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.server.containerPort }} + initialDelaySeconds: 3 + periodSeconds: 30 + volumes: + - emptyDir: {} + name: static-files diff --git a/charts/argo-cd/templates/argocd-server-ingress.yaml b/charts/argo-cd/templates/argocd-server-ingress.yaml new file mode 100644 index 00000000..d8b11266 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server-ingress.yaml @@ -0,0 +1,29 @@ +{{- if .Values.ingress.enabled -}} +{{- $ingressPath := .Values.ingress.path -}} +{{- $servicePortHttps := .Values.server.servicePortHttps -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: argocd-server + servicePort: {{ $servicePortHttps }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server-role.yaml b/charts/argo-cd/templates/argocd-server-role.yaml new file mode 100755 index 00000000..832ca5c4 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server-role.yaml @@ -0,0 +1,45 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list diff --git a/charts/argo-cd/templates/argocd-server-rolebinding.yaml b/charts/argo-cd/templates/argocd-server-rolebinding.yaml new file mode 100755 index 00000000..4c53b979 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server-rolebinding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server + +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-server +subjects: +- kind: ServiceAccount + name: argocd-server diff --git a/charts/argo-cd/templates/argocd-server-sa.yaml b/charts/argo-cd/templates/argocd-server-sa.yaml new file mode 100755 index 00000000..d764c65f --- /dev/null +++ b/charts/argo-cd/templates/argocd-server-sa.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server diff --git a/charts/argo-cd/templates/argocd-server-service.yaml b/charts/argo-cd/templates/argocd-server-service.yaml new file mode 100755 index 00000000..371c4b2f --- /dev/null +++ b/charts/argo-cd/templates/argocd-server-service.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: server +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.server.servicePortHttp }} + targetPort: {{ .Values.server.containerPort }} + - name: https + protocol: TCP + port: {{ .Values.server.servicePortHttps }} + targetPort: {{ .Values.server.containerPort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + diff --git a/charts/argo-cd/templates/crds/application-crd.yaml b/charts/argo-cd/templates/crds/application-crd.yaml new file mode 100644 index 00000000..377c570f --- /dev/null +++ b/charts/argo-cd/templates/crds/application-crd.yaml @@ -0,0 +1,22 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + name: applications.argoproj.io + annotations: + "helm.sh/hook": crd-install +spec: + group: argoproj.io + names: + kind: Application + plural: applications + shortNames: + - app + - apps + scope: Namespaced + version: v1alpha1 \ No newline at end of file diff --git a/charts/argo-cd/templates/crds/appproject-crd.yaml b/charts/argo-cd/templates/crds/appproject-crd.yaml new file mode 100644 index 00000000..1b2ab3fd --- /dev/null +++ b/charts/argo-cd/templates/crds/appproject-crd.yaml @@ -0,0 +1,22 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + name: appprojects.argoproj.io + annotations: + "helm.sh/hook": crd-install +spec: + group: argoproj.io + names: + kind: AppProject + plural: appprojects + shortNames: + - appproj + - appprojs + scope: Namespaced + version: v1alpha1 \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml new file mode 100644 index 00000000..c107e6f1 --- /dev/null +++ b/charts/argo-cd/values.yaml @@ -0,0 +1,128 @@ +applicationController: + containerPort: 8083 + servicePort: 8083 + image: + repository: argoproj/argocd + tag: v0.11.0 + pullPolicy: Always + +server: + containerPort: 8080 + servicePortHttp: 80 + servicePortHttps: 443 + containerMetricsPort: 8082 + serviceMetricsPort: 8082 + image: + repository: argoproj/argocd + tag: v0.11.0 + pullPolicy: Always + uiInitImage: + repository: argoproj/argocd-ui + tag: v0.11.0 + pullPolicy: Always + +repoServer: + containerPort: 8081 + servicePort: 8081 + image: + repository: argoproj/argocd + tag: v0.11.0 + pullPolicy: Always + +dexServer: + containerPortHttp: 5556 + containerPortGrpc: 5557 + servicePortHttp: 5556 + servicePortGrpc: 5557 + image: + repository: quay.io/dexidp/dex + tag: v2.12.0 + pullPolicy: Always + initImage: + repository: argoproj/argocd + tag: v0.11.0 + pullPolicy: Always + +# terminate tls at ArgoCD level +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + # nginx.ingress.kubernetes.io/ssl-passthrough: "true" + path: / + hosts: + - argocd.example.com + +# Standard Argo CD installation with cluster-admin access. +# Set this true if you plan to use Argo CD to deploy applications in the same cluster that +# Argo CD runs in (i.e. kubernetes.svc.default). +# Will still be able to deploy to external clusters with inputted credentials. + +clusterAdminAccess: + enabled: true + +config: + helmRepositories: + # - name: privateRepo + # url: http://chartmuseum.privatecloud.com + # usernameSecret: + # name: private-chartmuseum + # key: username + # passwordSecret: + # name: private-chartmuseum + # key: password + # - name: incubator + # url: https://kubernetes-charts-incubator.storage.googleapis.com/ + repositories: + # - url: git@gitlab.com:usersprivategroup/users-gitops-config.git + # sshPrivateKeySecret: + # key: privateKey + # name: argocd-dev-key + # - url: git@gitlab.com:accountingprivategroup/accounting-gitops-config.git + # sshPrivateKeySecret: + # key: privateKey + # name: argocd-dev-key + dexConfig: + # # Argo CD's externally facing base URL. Required for configuring SSO + # # url: https://argo-cd-demo.argoproj.io + # + # # A dex connector configuration. See documentation on how to configure SSO: + # # https://github.com/argoproj/argo-cd/blob/master/docs/sso.md#2-configure-argocd-for-sso + # connectors: + # # GitHub example + # - type: github + # id: github + # name: GitHub + # config: + # clientID: aabbccddeeff00112233 + # clientSecret: $dex.github.clientSecret + # orgs: + # - name: your-github-org + # teams: + # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook + # events. To enable webhooks, configure one or more of the following keys with the shared git + # provider webhook secret. The payload URL configured in the git provider should use the + # /api/webhook endpoint of your Argo CD instance (e.g. https://argocd.example.com/api/webhook) + webhook: + githubSecret: + gitlabSecret: + bitbucketSecret: +rbac: +# # An RBAC policy .csv file containing additional policy and role definitions. +# # See https://github.com/argoproj/argo-cd/blob/master/docs/rbac.md on how to write RBAC policies. +# policy.csv: | +# # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project" +# p, my-org:team-alpha, applications, sync, my-project/*, allow +# # Make all members of "my-org:team-beta" admins +# g, my-org:team-beta, role:admin + policyCsv: #| + # p, role:org-admin, applications, *, */*, allow + # p, role:org-admin, clusters, get, *, allow + # p, role:org-admin, repositories, get, *, allow + # p, role:org-admin, repositories, create, *, allow + # p, role:org-admin, repositories, update, *, allow + # p, role:org-admin, repositories, delete, *, allow + # g, your-github-org:your-team, role:org-admin + # The default role Argo CD will fall back to, when authorizing API requests + policyDefault: #role:readonly \ No newline at end of file From 366a503ae07ae1d8d073653a6966275d1a39045a Mon Sep 17 00:00:00 2001 From: Nick Stott Date: Fri, 22 Feb 2019 03:07:20 -0500 Subject: [PATCH 03/17] This probably doesn't belong here (#37) Remove .DS_Store, this doesn't belong here --- charts/.DS_Store | Bin 6148 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 charts/.DS_Store diff --git a/charts/.DS_Store b/charts/.DS_Store deleted file mode 100644 index beead66a02843c49bfcbb920658416449832a8c2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHKu}TC{3`}&v1Dh)?x3saawpos|u=WS^P7vW>L9pM>Z}BVdW|EwE`>?f;2_&=c zCG(b@V)J5VzWR8%HCvk50#39~hSr#;H+EJ#MCTa~yK%eOjT@}vz=qLoklWd_z1ype zGyWZN*ZZ&_UL5P}#^-wq^A_McJ0+Z@BVt7pso^<4gs-F^*ZXR#OIrV0* z3B_yh@IK1TheSmwAO%hpIM3yh{r?{R%lv;z(n<UusSKNL=hLC1d3fw~A#7nv0J3k42B%q8&v From 286ba4d860b760e59e0e159aeabf19045f47e99c Mon Sep 17 00:00:00 2001 From: Daisuke Taniwaki Date: Fri, 1 Mar 2019 05:56:24 +0900 Subject: [PATCH 04/17] Set correct namespace on service account and clusterrole (#38) --- charts/argo-events/templates/argo-events-cluster-roles.yaml | 2 +- charts/argo-events/templates/argo-events-sa.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index 4d7e9db4..402076ab 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -9,7 +9,7 @@ roleRef: subjects: - kind: ServiceAccount name: argo-events-sa - namespace: argo-events + namespace: {{ .Release.Namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml index 2d0f9de5..69525269 100644 --- a/charts/argo-events/templates/argo-events-sa.yaml +++ b/charts/argo-events/templates/argo-events-sa.yaml @@ -4,4 +4,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: argo-events-sa - namespace: argo-events + namespace: {{ .Release.Namespace }} From 1b17d04e7e4f92bdc6349e3df10d30b47fbdc832 Mon Sep 17 00:00:00 2001 From: Nick Stott Date: Thu, 28 Feb 2019 15:11:34 -0700 Subject: [PATCH 05/17] add a toggle to allow the controllers to listen on all namespaces (#41) --- .../argo-events/templates/gateway-controller-configmap.yaml | 2 ++ .../argo-events/templates/sensor-controller-configmap.yaml | 4 +++- charts/argo-events/values.yaml | 6 ++++++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/argo-events/templates/gateway-controller-configmap.yaml b/charts/argo-events/templates/gateway-controller-configmap.yaml index 1f0a0fd7..5e01b9b8 100644 --- a/charts/argo-events/templates/gateway-controller-configmap.yaml +++ b/charts/argo-events/templates/gateway-controller-configmap.yaml @@ -9,4 +9,6 @@ metadata: data: config: | instanceID: {{ .Values.instanceID }} +{{- if .Values.singleNamespace }} namespace: {{ .Values.namespace }} +{{- end }} diff --git a/charts/argo-events/templates/sensor-controller-configmap.yaml b/charts/argo-events/templates/sensor-controller-configmap.yaml index abd1c8b9..17735823 100644 --- a/charts/argo-events/templates/sensor-controller-configmap.yaml +++ b/charts/argo-events/templates/sensor-controller-configmap.yaml @@ -9,4 +9,6 @@ metadata: data: config: | instanceID: {{ .Values.instanceID }} - namespace: {{ .Values.namespace }} \ No newline at end of file +{{- if .Values.singleNamespace }} + namespace: {{ .Values.namespace }} +{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 09579cb3..3a1cf0d8 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -9,7 +9,13 @@ serviceAccount: argo-events-sa instanceID: argo-events + + +# set `singleNamespace` to false to have the controllers +# listen on all namespaces. Otherwise the controllers will listen +# on the namespace provided namespace: argo-events +singleNamespace: true # sensor controller sensorController: From 82ab0eaa27b3a051355ed24cf96c31a7d8747ea5 Mon Sep 17 00:00:00 2001 From: Seiya Muramatsu Date: Thu, 14 Mar 2019 01:26:00 +0900 Subject: [PATCH 06/17] set specific version to argo-events images (#43) --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 8c05a032..f6469311 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 0.3.0 +version: 0.4.0 keywords: - argo-events - sensor-controller @@ -11,4 +11,4 @@ sources: maintainers: - name: Vaibhav Page - name: Matt Magaldi -appVersion: 0.7.0 +appVersion: 0.8.1 diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 3a1cf0d8..107c9b1a 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -21,11 +21,11 @@ singleNamespace: true sensorController: name: sensor-controller image: sensor-controller - tag: latest + tag: v0.8.1 replicaCount: 1 gatewayController: name: gateway-controller image: gateway-controller - tag: latest + tag: v0.8.1 replicaCount: 1 From 37014cbcc9dd47f5a83d5df9ce3bce9aed258625 Mon Sep 17 00:00:00 2001 From: Vignir Hafsteinsson Date: Tue, 9 Apr 2019 17:49:15 +0000 Subject: [PATCH 07/17] Support argocd 0.12.0 (#46) * Adding redis to the helm chart. Updating from 0.11.0 to 0.12.0 * updating appVersion and helm chart version --- charts/argo-cd/Chart.yaml | 4 +- .../templates/argocd-redis-deployment.yaml | 38 +++++++++++++++++++ .../templates/argocd-redis-service.yaml | 17 +++++++++ charts/argo-cd/values.yaml | 20 +++++++--- 4 files changed, 71 insertions(+), 8 deletions(-) create mode 100755 charts/argo-cd/templates/argocd-redis-deployment.yaml create mode 100755 charts/argo-cd/templates/argocd-redis-service.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a6e2c5fa..0b929154 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: "0.11" +appVersion: "0.12" description: A Helm chart for Argo-CD name: argo-cd -version: 0.1.0 +version: 0.2.0 diff --git a/charts/argo-cd/templates/argocd-redis-deployment.yaml b/charts/argo-cd/templates/argocd-redis-deployment.yaml new file mode 100755 index 00000000..383520fe --- /dev/null +++ b/charts/argo-cd/templates/argocd-redis-deployment.yaml @@ -0,0 +1,38 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-redis + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: redis +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: redis + spec: + automountServiceAccountToken: false + containers: + - name: redis + args: + - --save + - "" + - --appendonly + - "no" + image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} + imagePullPolicy: {{ .Values.redis.image.pullPolicy}} + ports: + - containerPort: {{ .Values.redis.containerPort }} + diff --git a/charts/argo-cd/templates/argocd-redis-service.yaml b/charts/argo-cd/templates/argocd-redis-service.yaml new file mode 100755 index 00000000..01883d75 --- /dev/null +++ b/charts/argo-cd/templates/argocd-redis-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + app.kubernetes.io/component: redis +spec: + ports: + - port: {{ .Values.redis.servicePort }} + targetPort: {{ .Values.redis.servicePort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c107e6f1..5bf74d3b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -3,7 +3,7 @@ applicationController: servicePort: 8083 image: repository: argoproj/argocd - tag: v0.11.0 + tag: v0.12.0 pullPolicy: Always server: @@ -14,11 +14,11 @@ server: serviceMetricsPort: 8082 image: repository: argoproj/argocd - tag: v0.11.0 + tag: v0.12.0 pullPolicy: Always uiInitImage: repository: argoproj/argocd-ui - tag: v0.11.0 + tag: v0.12.0 pullPolicy: Always repoServer: @@ -26,7 +26,7 @@ repoServer: servicePort: 8081 image: repository: argoproj/argocd - tag: v0.11.0 + tag: v0.12.0 pullPolicy: Always dexServer: @@ -40,7 +40,7 @@ dexServer: pullPolicy: Always initImage: repository: argoproj/argocd - tag: v0.11.0 + tag: v0.12.0 pullPolicy: Always # terminate tls at ArgoCD level @@ -125,4 +125,12 @@ rbac: # p, role:org-admin, repositories, delete, *, allow # g, your-github-org:your-team, role:org-admin # The default role Argo CD will fall back to, when authorizing API requests - policyDefault: #role:readonly \ No newline at end of file + policyDefault: #role:readonly + +redis: + image: + repository: redis + tag: 5.0.3 + pullPolicy: Always + containerPort: 6379 + servicePort: 6379 \ No newline at end of file From f607f4fc8080d1ffa37962f970a6cc67a21bd50d Mon Sep 17 00:00:00 2001 From: Arnar Date: Tue, 9 Apr 2019 18:01:45 +0000 Subject: [PATCH 08/17] Adding oidcConfig option to argo-cd helm chart (#49) --- charts/argo-cd/templates/argocd-cm.yaml | 9 ++++++++- charts/argo-cd/values.yaml | 8 +++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/templates/argocd-cm.yaml b/charts/argo-cd/templates/argocd-cm.yaml index 79045e90..ab7f1961 100755 --- a/charts/argo-cd/templates/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-cm.yaml @@ -20,4 +20,11 @@ data: {{- if .Values.config.dexConfig }} dex.config: | {{ toYaml .Values.config.dexConfig | indent 4 }} -{{- end }} \ No newline at end of file +{{- end }} +{{- if .Values.config.url }} + url: {{ .Values.config.url }} +{{- end }} +{{- if .Values.config.oidcConfig }} + oidc.config: | +{{ toYaml .Values.config.oidcConfig | indent 4 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5bf74d3b..a950aa6a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -100,6 +100,12 @@ config: # orgs: # - name: your-github-org # teams: + url: # https://argocd.example.com/ + oidcConfig: + # name: Okta + # issuer: https://dev-123456.oktapreview.com + # clientID: aaaabbbbccccddddeee + # clientSecret: $oidc.okta.clientSecret # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook # events. To enable webhooks, configure one or more of the following keys with the shared git # provider webhook secret. The payload URL configured in the git provider should use the @@ -133,4 +139,4 @@ redis: tag: 5.0.3 pullPolicy: Always containerPort: 6379 - servicePort: 6379 \ No newline at end of file + servicePort: 6379 From a41d240cb0afde1ba71369d2a6e87f3e36122958 Mon Sep 17 00:00:00 2001 From: Vignir Hafsteinsson Date: Tue, 9 Apr 2019 19:29:24 +0000 Subject: [PATCH 09/17] Allow extraargs for argocd server (#47) * adding extraArgs for argocd-server. This is useful if you need to change the basehref or use insecure when using ingress https://github.com/argoproj/argo-cd/blob/master/docs/ingress.md * indent fix. * bumping chart version --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server-deployment.yaml | 8 +++++++- charts/argo-cd/values.yaml | 1 + 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0b929154..b82ca70a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: "0.12" description: A Helm chart for Argo-CD name: argo-cd -version: 0.2.0 +version: 0.2.1 diff --git a/charts/argo-cd/templates/argocd-server-deployment.yaml b/charts/argo-cd/templates/argocd-server-deployment.yaml index 0a3bb3dc..928a3c15 100755 --- a/charts/argo-cd/templates/argocd-server-deployment.yaml +++ b/charts/argo-cd/templates/argocd-server-deployment.yaml @@ -36,7 +36,13 @@ spec: - name: argocd-server image: {{ .Values.server.image.repository }}:{{ .Values.server.image.tag }} imagePullPolicy: {{ .Values.server.image.pullPolicy }} - command: [argocd-server, --staticassets, /shared/app] + command: + - argocd-server + - --staticassets + - /shared/app + {{- range .Values.server.extraArgs }} + - {{. | quote }} + {{- end }} volumeMounts: - mountPath: /shared name: static-files diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a950aa6a..e19920f6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,7 @@ server: repository: argoproj/argocd-ui tag: v0.12.0 pullPolicy: Always + extraArgs: [] repoServer: containerPort: 8081 From f6f4615b153a6682d962bf697d5d906f02e8993a Mon Sep 17 00:00:00 2001 From: Alexander Matyushentsev Date: Tue, 9 Apr 2019 15:38:32 -0700 Subject: [PATCH 10/17] Update argocd-application-controller container port --- charts/argo-cd/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e19920f6..6b0fd502 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1,6 +1,6 @@ applicationController: - containerPort: 8083 - servicePort: 8083 + containerPort: 8082 + servicePort: 8082 image: repository: argoproj/argocd tag: v0.12.0 From 353f9447423f2ecd7608c1775fb1bc5ad439049c Mon Sep 17 00:00:00 2001 From: Alexander Matyushentsev Date: Tue, 9 Apr 2019 15:53:49 -0700 Subject: [PATCH 11/17] Add workaround for https://github.com/argoproj/argo-cd/issues/1425 --- charts/argo-cd/templates/crds/application-crd.yaml | 5 +++-- charts/argo-cd/templates/crds/appproject-crd.yaml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/templates/crds/application-crd.yaml b/charts/argo-cd/templates/crds/application-crd.yaml index 377c570f..5c2b8b60 100644 --- a/charts/argo-cd/templates/crds/application-crd.yaml +++ b/charts/argo-cd/templates/crds/application-crd.yaml @@ -4,7 +4,8 @@ metadata: labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }} helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} +# Don't apply label due to https://github.com/argoproj/argo-cd/issues/1425 +# app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} name: applications.argoproj.io @@ -19,4 +20,4 @@ spec: - app - apps scope: Namespaced - version: v1alpha1 \ No newline at end of file + version: v1alpha1 diff --git a/charts/argo-cd/templates/crds/appproject-crd.yaml b/charts/argo-cd/templates/crds/appproject-crd.yaml index 1b2ab3fd..afd1a38e 100644 --- a/charts/argo-cd/templates/crds/appproject-crd.yaml +++ b/charts/argo-cd/templates/crds/appproject-crd.yaml @@ -4,7 +4,8 @@ metadata: labels: app.kubernetes.io/name: {{ include "argo-cd.name" . }} helm.sh/chart: {{ include "argo-cd.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} +# Don't apply label due to https://github.com/argoproj/argo-cd/issues/1425 +# app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} name: appprojects.argoproj.io @@ -19,4 +20,4 @@ spec: - appproj - appprojs scope: Namespaced - version: v1alpha1 \ No newline at end of file + version: v1alpha1 From a72cf6d5b4e2a2797305bb2d3805461c17826b0d Mon Sep 17 00:00:00 2001 From: Alexander Matyushentsev Date: Wed, 10 Apr 2019 07:53:00 -0700 Subject: [PATCH 12/17] Update argocd image to v0.12.1 --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b82ca70a..a39c17f7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: "0.12" +appVersion: "0.12.1" description: A Helm chart for Argo-CD name: argo-cd version: 0.2.1 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6b0fd502..9061043d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -3,7 +3,7 @@ applicationController: servicePort: 8082 image: repository: argoproj/argocd - tag: v0.12.0 + tag: v0.12.1 pullPolicy: Always server: @@ -14,11 +14,11 @@ server: serviceMetricsPort: 8082 image: repository: argoproj/argocd - tag: v0.12.0 + tag: v0.12.1 pullPolicy: Always uiInitImage: repository: argoproj/argocd-ui - tag: v0.12.0 + tag: v0.12.1 pullPolicy: Always extraArgs: [] @@ -27,7 +27,7 @@ repoServer: servicePort: 8081 image: repository: argoproj/argocd - tag: v0.12.0 + tag: v0.12.1 pullPolicy: Always dexServer: @@ -41,7 +41,7 @@ dexServer: pullPolicy: Always initImage: repository: argoproj/argocd - tag: v0.12.0 + tag: v0.12.1 pullPolicy: Always # terminate tls at ArgoCD level From 4617535b72b5bd5f9ec0b4201e4fbb721eb07895 Mon Sep 17 00:00:00 2001 From: e-mon Date: Wed, 17 Apr 2019 03:18:13 +0900 Subject: [PATCH 13/17] Adding Service Annotation to argo-cd helm chart (#53) --- charts/argo-cd/templates/argocd-server-service.yaml | 2 ++ charts/argo-cd/values.yaml | 1 + 2 files changed, 3 insertions(+) diff --git a/charts/argo-cd/templates/argocd-server-service.yaml b/charts/argo-cd/templates/argocd-server-service.yaml index 371c4b2f..2f8decca 100755 --- a/charts/argo-cd/templates/argocd-server-service.yaml +++ b/charts/argo-cd/templates/argocd-server-service.yaml @@ -9,6 +9,8 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} app.kubernetes.io/component: server + annotations: +{{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }} spec: ports: - name: http diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9061043d..f3b40b19 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -12,6 +12,7 @@ server: servicePortHttps: 443 containerMetricsPort: 8082 serviceMetricsPort: 8082 + serviceAnnotations: {} image: repository: argoproj/argocd tag: v0.12.1 From eaa34e6cdd1ea223bf8d655d96e7ac21ebf4e045 Mon Sep 17 00:00:00 2001 From: Eric Bailey Date: Tue, 16 Apr 2019 13:20:40 -0500 Subject: [PATCH 14/17] workflow-crd.yaml: delete before hook creation (#50) --- charts/argo/templates/workflow-crd.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/argo/templates/workflow-crd.yaml b/charts/argo/templates/workflow-crd.yaml index f65e5d14..64a77d7f 100644 --- a/charts/argo/templates/workflow-crd.yaml +++ b/charts/argo/templates/workflow-crd.yaml @@ -4,6 +4,7 @@ metadata: name: workflows.argoproj.io annotations: helm.sh/hook: crd-install + helm.sh/hook-delete-policy: before-hook-creation spec: group: argoproj.io version: v1alpha1 From 51ab61d98674dc8a47d8f1120d9ce0f78fff0879 Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Tue, 16 Apr 2019 11:26:03 -0700 Subject: [PATCH 15/17] Adds Probot (#54) --- .github/ISSUE_TEMPLATE/bug_report.md | 27 +++++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 +++++++++++++++++ .github/no-response.yml | 1 + .github/stale.yml | 1 + 4 files changed, 49 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/no-response.yml create mode 100644 .github/stale.yml diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..816593c4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,27 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: 'bug' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..36014cde --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: 'enhancement' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/.github/no-response.yml b/.github/no-response.yml new file mode 100644 index 00000000..47e7fb6f --- /dev/null +++ b/.github/no-response.yml @@ -0,0 +1 @@ +# See https://github.com/probot/no-response diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 00000000..b81bf109 --- /dev/null +++ b/.github/stale.yml @@ -0,0 +1 @@ +# See https://github.com/probot/stale From 97bc21a6eb0d43a63b879f5d1e8005a5d508b130 Mon Sep 17 00:00:00 2001 From: Jeev B Date: Tue, 16 Apr 2019 11:29:45 -0700 Subject: [PATCH 16/17] Add provision to specify loadBalancerSourceRanges for Argo UI LoadBalancer service resource. (#44) --- charts/argo/templates/ui-service.yaml | 3 +++ charts/argo/values.yaml | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/charts/argo/templates/ui-service.yaml b/charts/argo/templates/ui-service.yaml index b83e5532..56cead02 100644 --- a/charts/argo/templates/ui-service.yaml +++ b/charts/argo/templates/ui-service.yaml @@ -18,3 +18,6 @@ spec: app: {{ .Release.Name }}-{{ .Values.ui.name }} sessionAffinity: None type: {{ .Values.ui.serviceType }} + {{- if and (eq .Values.ui.serviceType "LoadBalancer") .Values.ui.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml .Values.ui.loadBalancerSourceRanges | indent 4 }}{{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index bb0985fa..161d9f59 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -40,7 +40,10 @@ ui: serviceAccount: argo-ui # Annotations to be applied to the UI Service serviceAnnotations: {} - + # Source ranges to allow access to service from. Only applies to + # service type `LoadBalancer` + loadBalancerSourceRanges: [] + ## Ingress configuration. ## ref: https://kubernetes.io/docs/user-guide/ingress/ ## From c14d052fd7c5c7f5efdcbb8c69aa15666923911e Mon Sep 17 00:00:00 2001 From: Nick Stott Date: Tue, 16 Apr 2019 18:27:40 -0400 Subject: [PATCH 17/17] add metricsConfig to the configmaps for the workflow-controller-configmap.yaml (#42) --- charts/argo/templates/workflow-controller-config-map.yaml | 3 +++ charts/argo/values.yaml | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/charts/argo/templates/workflow-controller-config-map.yaml b/charts/argo/templates/workflow-controller-config-map.yaml index 4c97cfc6..f77637a0 100644 --- a/charts/argo/templates/workflow-controller-config-map.yaml +++ b/charts/argo/templates/workflow-controller-config-map.yaml @@ -30,3 +30,6 @@ data: endpoint: {{ .Values.artifactRepository.s3.endpoint | default (printf "%s-%s" .Release.Name "minio:9000") }} insecure: {{ .Values.artifactRepository.s3.insecure }} {{- end}} + {{- if .Values.controller.metricsConfig.enabled }} + metricsConfig: +{{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} diff --git a/charts/argo/values.yaml b/charts/argo/values.yaml index 161d9f59..5836cd69 100644 --- a/charts/argo/values.yaml +++ b/charts/argo/values.yaml @@ -15,6 +15,10 @@ init: controller: # podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} + metricsConfig: + enabled: false + path: /metrics + port: 8080 serviceAccount: argo name: workflow-controller workflowNamespaces: